10 matches found
EUVD-2005-2185
Malware in sbrugna...
EUVD-2024-37376
Malicious code in bioql PyPI...
EUVD-2025-18626
Malicious code in bioql PyPI...
PT-2025-26162 · Efrotech · Efrotech Timetrax
Name of the Vulnerable Software and Affected Versions: EfroTech Time Trax version 1.0 Description: An issue in EfroTech Time Trax allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form. This issue is related to the CWE-434 Unrestricted Upload...
CVE-2025-46157
An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...
CVE-2019-17399
The Shack Forms Pro extension before 4.0.32 for Joomla! allows path traversal via a file attachment...
CVE-2019-4409
HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. On the Problem Report page of the Traveler servlet pages, there is a field to specify a file attachment to provide additional problem details. An invalid file name returns an error message that includes the...
Vulnerability Report On IPSWITCH's IMail
Vulnerability Report On IPSWITCH's IMail Date Published: August 30 2000 Advisory ID: TS003 Bugtraq ID: http://www.securityfocus.com/bid/1617 CVE CAN: None at this time Title: IPSWITCH IMail File Attachment Vulnerability Class: Access Validation Error Remotely Exploitable: Yes Locally Exploitable:...
Matt Wright - FormHandler.cgi 2.0 Reply Attachment
Matt Wright - FormHandler.cgi 2.0 Reply Attachment source: https://www.securityfocus.com/bid/799/info Any file that the FormHandler.cgi has read access to the cgi is typically run as user 'nobody' on Unix systems can be specified as an attachment in a reply email. This could allow an attacker to...
Matt Wright - 'FormHandler.cgi' 2.0 Reply Attachment
source: https://www.securityfocus.com/bid/799/info Any file that the FormHandler.cgi has read access to the cgi is typically run as user 'nobody' on Unix systems can be specified as an attachment in a reply email. This could allow an attacker to gain access to sensitive files such as /etc/passwd...